Take Stock of Cyber Risk in Light of Russian Cyber Activity

Many leaders in enterprise information security and IT operations organizations are taking stock of the potential for risk due to cyber operations between Russia and western countries that show support for Ukraine. Russian President Putin has said there will be “consequences” for nations that interfere, which could come in the form of cyberattacks, particularly on […]

Advice for Defenders Responding to the log4j Vulnerability CVE-2021-44228

Binary Defense Security Operations, Engineering, and Threat Hunting analysts have been working alongside our clients and our friends in the infosec community to mitigate the threat to organizations as a result of the critical Apache log4j vulnerability that is actively being exploited by threat actors. We are especially thankful for our colleagues at TrustedSec, who […]

Analysis of Hancitor – When Boring Begets Beacon

Author: Brandon George What is Hancitor? Hancitor is a well-known malware loader that has been observed delivering FickerStealer, Sendsafe, and Cobalt Strike Beacon if the victim targeting conditions are met. In recent months, more threat intelligence has been gathered as to what the attackers’ goals are when Hancitor is used to deliver Cobalt Strike Beacon […]

Unemployment Fraud on the Rise

What is Unemployment Fraud? Unemployment insurance, a state-administered program that has helped countless people who suddenly found themselves without work since the beginning of the COVID-19 pandemic, is actively being taken advantage of by scammers who are looking to steal money. Unemployment Fraud is a scam that involves people stealing personal identifying information including name, […]

What Do Criminal Hackers and Scammers Discuss on Forums?

A message board or an internet forum is an online discussion site where users can communicate with the entire group of members via posted messages. These are different from chat rooms where small groups send short messages, because forum posts are often longer than chat messages and typically organized into discussion topics. These forums are […]

Top Ten CyberSafe Tips

Cybercriminals have many ways of targeting and accessing sensitive information on personal computers and corporate networks. Because cybercriminals are able to monetize their attacks for millions of dollars, there is strong incentive for them to continue to attempt to steal information and sneak past security controls. In most cases, the difference between keeping computers safe […]

The Insider Threat: Why Your Greatest Security Risk Might Be Your Employees

If you’re outside the security industry, you probably think of a cybercriminal as they are portrayed on TV and movies: a shadowy figure in a hoodie, hunched over a computer in a darkened room. The reality is, they could look like the person you just talked to in the break room in your office. That’s […]

What is the Darknet?

Author: Jarrod Suffecool We all hear about the “Darknet” and the “Deepweb” all the time when referring to the places where threat actors are hanging out online, but what do these terms really mean? While they are very similar, some differences exist. The Deepweb refers to websites which are not indexed by services like Google […]

Are you in tune? Why SIEM tuning is important

Authors: Eric Itangata and Mike Daniels A Security Information and Event Manager (SIEM) is in the traditional sense, used for central log storage. It provides a central location for an organization to review logs from disparate systems and also is a place to retain these logs per the organization’s compliance needs. The purposes of a […]

Hunting and Defeating Evasive Threats

Written by: Randy Pargman and James Quinn Threat actors spend a lot of time and energy to evade and defeat detections on their victims’ network. Threat hunters and other defenders should be aware of the sneaky techniques that are most often used and adjust their tactics to catch the threats and put a stop to their access. In this blog post, […]

Intro to Threat Hunting

If you’ve been around the information security community, you’ve probably heard the term “Threat Hunting” and considered how you can apply these techniques to enhancing the security of your organization’s network and computer systems. In this blog post, we’re going to describe what threat hunting means, how you can get started, and what you’re going […]

COVID-19 Scams Run Rampant

With the coronavirus in the news and weighing heavily on the minds of just about everyone, cyber attackers are taking advantage of people’s fears in a multitude of ways. Warnings have been issued from almost every federal agency imaginable. We have compiled an overview of some of the more widespread threat campaigns being deployed. Phishing […]